For many organizations, dealing with HTTPS traffic is something of a double edge sword. Recent moves to encryption challenge the status quo in terms of organizational oversight. Finding a balance between competing interests will be critical to moving forward, but while present technology limitations hamper those efforts, technological advancements can enhance them.

This “Just in Time” research is in response to recent discussions on the EDUCAUSE Higher Education Information Security Council (HEISC) discussion list about data breaches in higher education. Using data from the Privacy Rights Clearinghouse, this research analyzes data breaches attributed to higher education. The results from this review will be used to inform EDUCAUSE research, programs, products, and services.

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.

Accenture and NowSecure, Inc. analyzed the mobile banking app threat landscape based on industry research, customer-facing mobile banking app vulnerability assessments performed by NowSecure, and Accenture’s industry knowledge and experience working with banking institutions. They collaborated to create a report that was designed to provide an understanding of the current- state security environment for customer- facing mobile banking apps, as well as answer some key questions about the state of mobile banking app security.

This paper discusses what organizations fear and what security measures they are taking to mitigate risks. To find out, they commissioned independent research, surveying more than 600 mobility professionals. The results were eye-opening.

In this research effort, sponsored by iovation, Aite Group surveyed 1,095 U.S. consumers who use online and/or mobile banking in January 2017 to better understand their attitudes toward and understanding of various authentication mechanisms.

System designers have long struggled with the challenge of determining how to control when untrusted applica- tions may perform operations using privacy-sensitive sen- sors securely and effectively. Current systems request that users authorize such operations once (i.e., on install or first use), but malicious applications may abuse such authorizations to collect data stealthily using such sensors. Proposed research methods enable systems to infer the op- erations associated with user input events, but malicious applications may still trick users into allowing unexpected, stealthy operations. To prevent users from being tricked, we propose to bind applications’ operation requests to the associated user input events and how they were ob- tained explicitly, enabling users to authorize operations on privacy-sensitive sensors unambiguously and reuse such authorizations.

Security in an era of next-generation technologies, expanding digital footprints, and widely dispersed user bases requires a comprehensive hybrid approach, delivered through privileged access management (PAM).

This is Rapid7’s Quarterly Threat Report. In this report they sought to make a less chaotic picture of the events of the 3rd quarter of 2017.

This report from May 2016 takes a look at a variety of threat events, and provides insight and solutions for those issues.

The Internet of Things is becoming and area of danger for security risks. This paper discusses the cyber security issues related to the internet of things, and discusses how people should be taking action to protect their devices.

If you’re looking for a paper that talks about Mobile App Integration, this paper is for you.

This report provides data to help understand the need of helping employees understand PCI compliance in the retail industry.

From the report, “We are pleased to present the findings of The State of Malware Detection & Prevention sponsored by Cyphort. The study reveals the difficulty in preventing and detecting malware and advanced threats. The IT function also seems to lack the information and intelligence necessary to update senior executives on cybersecurity risks.”

This is a threat advisory for iCare Leak

This paper takes a look at the current state of device security.

This annual study is conducted by Ponemon Institute to understand trends and changes in endpoint risk in organizations. An endpoint can include servers, desktops, laptops, smartphones, and even printers, ATMs and PoS devices. They surveyed 694 US IT and IT security practitioners who are involved in endpoint security in a variety of organizations.

This report from 2017 is based on a survey conducted during October and November of 2016. They surveyed over a thousand senior security executives from across the globe, including from key regional markets in the US, UK, Germany, Japan, Australia, Brazil, and Mexico, and key segments such as federal government, retail, finance, and healthcare.

Based on the results of a survey, this paper looks at key trends and challenges facing North American businesses seeking to find the right balance and discusses some of the approaches and tools that are available to help you deal with cyber-based fraud management.

This report is a breakdown of mistakes to be avoided in the IT Seurity arena.

This special report brought to you by the folks at Symantec, takes a hard look at the security issues that surround smart speakers.